Invention Grant
- Patent Title: Electronic device and method for detecting malicious file
-
Application No.: US15677223Application Date: 2017-08-15
-
Publication No.: US10579798B2Publication Date: 2020-03-03
- Inventor: Ming-Kung Sun , Chiung-Ying Huang , Tung-Lin Tsai , Gu-Hsin Lai , Chia-Mei Chen , Tzu-Ching Chang
- Applicant: ACER CYBER SECURITY INCORPORATED
- Applicant Address: TW Taipei
- Assignee: ACER CYBER SECURITY INCORPORATED
- Current Assignee: ACER CYBER SECURITY INCORPORATED
- Current Assignee Address: TW Taipei
- Agency: McClure, Qualey & Rodack, LLP
- Priority: TW105141250A 20161213
- Main IPC: G06F21/00
- IPC: G06F21/00 ; G06F21/56
Abstract:
An electronic device and a method for detecting a malicious file are provided. The method includes the following steps: An executable file is searched, and an import table is extracted from the executable file. The import table includes at least a name of a first DDL and a name of a second DDL. A distance between the first DLL and the second DLL is calculated. Whether the distance exceeds a threshold is determined. If the distance exceeds the threshold, then whether a duplicate content of the import table exists in the executable file is checked. The executable file is regarded as a malicious file if the duplicate content of the import table exists in the executable file.
Public/Granted literature
- US20180165452A1 ELECTRONIC DEVICE AND METHOD FOR DETECTING MALICIOUS FILE Public/Granted day:2018-06-14
Information query
